638a6ebc72b952adf863af7102abd000_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

638a6ebc72b952adf863af7102abd000_JaffaCakes118
Size

43KB
MD5

638a6ebc72b952adf863af7102abd000
SHA1

447326a8fe36e7174c84081f624f36b5d4cd4352
SHA256

084d28810ffb907c3f76ee2a3819fbd9ed8b2ca23d09409a89ddbd538f2a1204
SHA512

1a530a75aa97412dbb7a4ea16ece033aba58a6fd87e16c4550da0cd80975859bf9d50e23ee67e6e6e60e168fa2869057e5cdfc50c0aaa2455de194424b92ef60
SSDEEP

768:vnY0GeOIJ6byLe1nqfCAXLjREVS99NfsUEJgPtBGn45fH4yXiAcN9UIL:vY0GdIgb5oxXLNEVK9N0UugCwHzXiAcT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
638a6ebc72b952adf863af7102abd000_JaffaCakes118

Files

638a6ebc72b952adf863af7102abd000_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c9a6701676f5fb5ce6ec18f49406f860

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetSystemTime
GetUserDefaultUILanguage
SetFileTime
SetThreadPriority
lstrlenA
FindClose
SetFileAttributesW
EnterCriticalSection
CreateThread
DisconnectNamedPipe
GetDriveTypeW
FindFirstFileW
CreateEventW
lstrcpynW
SetEndOfFile
ExpandEnvironmentStringsW
CreateProcessW
OpenProcess
GetTempPathW
CopyFileW
CreateFileMappingW
SetLastError
GetCurrentThread
HeapFree
SetEvent
MultiByteToWideChar
GetModuleHandleA
ReleaseMutex
CloseHandle

Sections

.notsx
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nkr
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bklob
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ